Safeguards

A safe and secure data system

The Data Sharing and Release legislation represents a significant change in the way the Australian government handles public sector data, including personal information, from ‘need to know’ to ‘responsibility to share’.

Australian people and organisations provide data to government agencies every day, and those agencies are responsible for keeping the data safe and secure. Agencies are required to have safeguards in place to protect data – like privacy and secrecy legislation, secure buildings and IT systems, and strict requirements on employees who have access to data.

Protecting your privacy

We are committed to delivering a framework that meets public expectations on privacy. In our view, there is no ‘set and forget’ approach to privacy, we will continue to review and ensure our privacy approach remains best practice and meets the Australian community’s expectations.

Data held by most Australian Government agencies can be shared for informing policy and programs; service delivery; and research and development activities. Where research and development leads to commercial outcomes, Data Custodians must ensure it does not impinge on individual’s privacy, and existing intellectual property and consumer and competition laws still apply.

Legislation will only authorise sharing that is reasonably necessary to achieve public interest purposes. Sharing will not be allowed for compliance, national security or law enforcement purposes under this legislation. 

Consistency with privacy legislation

The new Data Sharing and Release legislation will operate consistently with the Privacy Act 1988 (the Privacy Act). When participating in the data sharing system, entities must comply with their obligations under the Privacy Act (or comparable state or territory privacy legislation).

Legislative safeguards will protect all sensitive information by ensuring it is handled appropriately and consistently.

Co-operation with Australian Information Commissioner and other regulators

The National Data Commissioner will work in partnership with other regulators and experts in the system. 

The new Data Sharing and Release legislation will operate alongside existing data protection schemes, and will contain provisions for co-operation between the National Data Commissioner and other relevant regulators.

The Australian Information Commissioner and Privacy Commissioner and State/Territory privacy regulators will have responsibility for ensuring personal information shared under the Data Sharing system is handled in accordance with applicable privacy legislation. This reflects current best practice and arrangements between regulators.